ThingWorx REST API > Updating, Deleting, and Executing Through the API
Updating, Deleting, and Executing Through the API
* 
The examples in this topic assume that you are familiar with executing HTTP POSTS in your web development environment or application.
The following rules help to understand what is needed based on the type of request being made.
Notes
Sample URL
HTTP Action
Content Type
UPDATE
Updates require specifying the entity part as well
http://host/Thingworx/Things/thing_name
PUT
application/json or text/xml
DELETE
Deletes require specifying the entity part as well
http://host/Thingworx/Things/thing_name
DELETE
n/a
INVOKING SERVICES
Calling a service requires specifying the complete URL, including the specific characteristic
http://host/Thingworx/Things/MyThing/Services/myService
* 
If your service requires inputs, these inputs should be passed in the form fields of your POST.
POST
application/json
Executing HTTP Requests
When executing HTTP requests, use UTF-8 encoding and specify the optional port value if required.
* 
It is recommended to use HTTPS in production or any time network integrity is in question.
Handling HTTP Response Codes
In most cases, you should expect to get back either content or the status code of 200, this is OK. In the case of an error, you will receive an error message.
Working with HTTP Content
If you are sending or receiving any HTTP content (JSON, XML, HTML (for responses only)), set the request content-type header to the appropriate value based on the HTTP content you are sending.
Methods
GET
Retrieve a value.
PUT
Write a value or create new Things or properties.
POST
Execute a service.
DELETE
Delete a Thing or Property.
Accept Header Values
JSON
application/json
XML
text/xml
HTML
text/html (or omit Accept header)
CSV
text/csv
Content Type Header Values
JSON
application/json
XML
text/xml
Metadata
You can display the metadata of any specific Thing, Thing Template, or Shape you build by going to the following URL in a web browser: NameoftheThing/Metadata
* 
To see this information, it must be shown as JSON.
Passing in Authentication with your REST API Call
The recommended best practice is to use an application key. Generate the application key in ThingWorx and then you can pass it with your REST call in the form of an HTTP header.
Replace the Header Value with the application key valid for the ThingWorx instance you intend to connect.
Header Key
Header Value Example
appKey
1x9256cf-9fe9-434e-adbe-9772c0c40261
The ThingWorx REST API supports two other authentication methods:
Basic Authentication allows you to authenticate with your user and password.
Passing the application key as an URL Parameter. This method is not recommended due to security reasons and will be deprecated in the future.
Related Links
ThingWorx REST API
ThingWorx REST Design
Updating the Request Method and Content Type Filtering for CSRF Protection
Was this helpful?